October 3, 2024 at 03:37PM
Fake trading apps on Google Play and Apple’s App Store, known as “UniShadowTrade” malware, have been removed after attracting thousands of downloads. These apps perpetrate “pig butchering” scams, enticing victims with fake investment returns. Once funds are deposited, fraudsters prevent withdrawals, eventually absconding with the money. The threat has now shifted to phishing websites. Users are advised to research investment platforms and to be wary of unsolicited promises of high returns.
Fraudulent trading apps used in “pig butchering” scams have been identified on both Google Play and Apple’s App Store. The apps were discovered by researchers at cybersecurity company Group-IB, who found that the apps presented fake investment opportunities and manipulated information to prevent users from withdrawing their funds. The apps have been removed from the official Android and iOS stores after accumulating thousands of downloads.
The fraudulent apps were categorized under the “UniShadowTrade” malware family and were built using the UniApp framework. Their names included SBI-INT (iOS), Finans Insights (Android), and Finans Trader6 (Android). These apps were downloaded a total of 5,000 times. The UniShadowTrade apps could mimic a variety of legitimate cryptocurrency and trading platforms, and they were disguised as tools for algebraic mathematical formulas and 3D graphics volume area calculations on iOS, and as financial news feed aggregators on Android.
The fraudsters used social engineering techniques, including grooming victims through dating apps and requesting sensitive documents like national IDs and passports. After the removal of the apps from the app stores, the threat actors shifted their operation to phishing websites.
To protect against fraudulent investment schemes, it is recommended that users conduct thorough research before engaging with any investment platform, checking the background, financial records, past performance, reputation, and regulatory status. Users should also be cautious of unsolicited messages and URLs promising high investment returns, as scams are often promoted in this manner.